/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2024-09-09 01:36:41 UTC
  • mto: This revision was merged to the branch mainline in revision 410.
  • Revision ID: teddy@recompile.se-20240909013641-6zu6kx2f7meu134k
Make all required directories when installing

When installing into a normal system, one can assume that target
directories, such as /usr/bin, already exists.  But when installing
into a subdirectory for the purpose of creating a package, one cannot
assume that all directories already exist.  Therefore, when
installing, we must not check if any directories exist, and must
instead always create any directories we want to install into.

* Makefile (confdir/mandos.conf, confdir/clients.conf, install-html):
  Use the "-D" option to "install" instead of creating the directory
  separately.
  (install-server): Move creation of $(CONFDIR) down to before it is
  needed.  Don't check if the $(TMPFILES) or $(SYSUSERS) directories
  exist; instead create them by using the "-D" option to "install".
  Create the $(PREFIX)/sbin directory.  Always use
  "--target-directory" if possible; i.e. if the file name is the same.
  Create the $(DBUSPOLICYDIR) and $(DESTDIR)/etc/init.d directories by
  using the "-D" option to "install".  Don't check if the $(SYSTEMD)
  directory exists; instead create it by using the "-D" option to
  "install".  Create the $(DESTDIR)/etc/default and $(MANDIR)/man8
  directories by using the "-D" option to "install".  Create the
  $(MANDIR)/man5 directories explicitly.
  (install-client-nokey): Remove unnecessary creation of the
  $(CONFDIR) directory.  Don't check if the $(SYSUSERS) directory
  exists; instead create it by using the "-D" option to "install".
  Move the "--directory" argument to be the first argument, for
  clarity.  Create the $(PREFIX)/sbin directory.  Use the "-D"
  argument to "install" when installing
  $(INITRAMFSTOOLS)/hooks/mandos,
  $(INITRAMFSTOOLS)/conf.d/mandos-conf,
  $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos,
  $(INITRAMFSTOOLS)/scripts/init-premount/mandos,
  $(INITRAMFSTOOLS)/scripts/local-premount/mandos,
  $(DRACUTMODULE)/ask-password-mandos.path, and
  $(DRACUTMODULE)/dracut-module/ask-password-mandos.service.  Create
  the $(MANDIR)/man8 directory.

Reported-By: Erich Eckner <erich@eckner.net>
Thanks: Erich Eckner <erich@eckner.net> for analysis

Show diffs side-by-side

added added

removed removed

Lines of Context:
29
29
 
30
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
 
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
 
32
FORTIFY:=-fstack-protector-all -fPIC
 
33
CPPFLAGS+=-D_FORTIFY_SOURCE=3
33
34
LINK_FORTIFY_LD:=-z relro -z now
34
35
LINK_FORTIFY:=
35
36
 
41
42
#COVERAGE=--coverage
42
43
OPTIMIZE:=-Os -fno-strict-aliasing
43
44
LANGUAGE:=-std=gnu11
44
 
FEATURES:=-D_FILE_OFFSET_BITS=64
 
45
CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64
45
46
htmldir:=man
46
 
version:=1.8.9
 
47
version:=1.8.16
47
48
SED:=sed
48
49
PKG_CONFIG?=pkg-config
49
50
 
63
64
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
64
65
# STATEDIR:=$(DESTDIR)/var/lib/mandos
65
66
# LIBDIR:=$(PREFIX)/lib
 
67
# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d
66
68
##
67
69
 
68
70
## These settings are for a package-type install
83
85
                        break; \
84
86
                fi; \
85
87
        done)
 
88
DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d
86
89
##
87
90
 
88
91
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
96
99
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
97
100
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
98
101
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
99
 
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
100
 
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
 
102
GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \
 
103
        || gpgme-config --cflags; getconf LFS_CFLAGS)
 
104
GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \
 
105
        || gpgme-config --libs; getconf LFS_LIBS; \
101
106
        getconf LFS_LDFLAGS)
102
107
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
103
108
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
106
111
 
107
112
# Do not change these two
108
113
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
109
 
        $(LANGUAGE) $(FEATURES) -DVERSION='"$(version)"'
 
114
        $(LANGUAGE) -DVERSION='"$(version)"'
110
115
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
111
116
        ) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
112
117
 
296
301
 
297
302
# Need to add the GLib and pthread libraries
298
303
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
 
304
# Note: -lpthread is unnecessary with the GNU C library 2.34 or later
299
305
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
300
306
 
301
307
.PHONY: clean
369
375
 
370
376
# Used by run-server
371
377
confdir/mandos.conf: mandos.conf
372
 
        install --directory confdir
373
 
        install --mode=u=rw,go=r $^ $@
 
378
        install -D --mode=u=rw,go=r $^ $@
374
379
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
375
 
        install --directory confdir
376
 
        install --mode=u=rw $< $@
 
380
        install -D --mode=u=rw $< $@
377
381
# Add a client password
378
382
        ./mandos-keygen --dir keydir --password --no-ssh >> $@
379
383
statedir:
384
388
 
385
389
.PHONY: install-html
386
390
install-html: html
387
 
        install --directory $(htmldir)
388
 
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
 
391
        install -D --mode=u=rw,go=r --target-directory=$(htmldir) \
389
392
                $(htmldocs)
390
393
 
391
394
.PHONY: install-server
392
395
install-server: doc
393
 
        install --directory $(CONFDIR)
394
396
        if install --directory --mode=u=rwx --owner=$(USER) \
395
397
                --group=$(GROUP) $(STATEDIR); then \
396
398
                :; \
397
399
        elif install --directory --mode=u=rwx $(STATEDIR); then \
398
400
                chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
399
401
        fi
400
 
        if [ "$(TMPFILES)" != "$(DESTDIR)" \
401
 
                        -a -d "$(TMPFILES)" ]; then \
402
 
                install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
 
402
        if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \
 
403
                install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \
403
404
                        $(TMPFILES)/mandos.conf; \
404
405
        fi
405
 
        if [ "$(SYSUSERS)" != "$(DESTDIR)" \
406
 
                        -a -d "$(SYSUSERS)" ]; then \
407
 
                install --mode=u=rw,go=r sysusers.d-mandos.conf \
 
406
        if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
 
407
                install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
408
408
                        $(SYSUSERS)/mandos.conf; \
409
409
        fi
410
 
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
 
410
        install --directory $(PREFIX)/sbin
 
411
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
 
412
                mandos
411
413
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
412
414
                mandos-ctl
413
415
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
414
416
                mandos-monitor
 
417
        install --directory $(CONFDIR)
415
418
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
416
419
                mandos.conf
417
420
        install --mode=u=rw --target-directory=$(CONFDIR) \
418
421
                clients.conf
419
 
        install --mode=u=rw,go=r dbus-mandos.conf \
420
 
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
421
 
        install --mode=u=rwx,go=rx init.d-mandos \
 
422
        install -D --mode=u=rw,go=r dbus-mandos.conf \
 
423
                $(DBUSPOLICYDIR)/mandos.conf
 
424
        install -D --mode=u=rwx,go=rx init.d-mandos \
422
425
                $(DESTDIR)/etc/init.d/mandos
423
 
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
424
 
                install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
 
426
        if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \
 
427
                install -D --mode=u=rw,go=r mandos.service \
 
428
                        $(SYSTEMD); \
425
429
        fi
426
 
        install --mode=u=rw,go=r default-mandos \
 
430
        install -D --mode=u=rw,go=r default-mandos \
427
431
                $(DESTDIR)/etc/default/mandos
428
432
        if [ -z $(DESTDIR) ]; then \
429
433
                update-rc.d mandos defaults 25 15;\
430
434
        fi
 
435
        install --directory $(MANDIR)/man8 $(MANDIR)/man5
431
436
        gzip --best --to-stdout mandos.8 \
432
437
                > $(MANDIR)/man8/mandos.8.gz
433
438
        gzip --best --to-stdout mandos-monitor.8 \
443
448
 
444
449
.PHONY: install-client-nokey
445
450
install-client-nokey: all doc
446
 
        install --directory $(LIBDIR)/mandos $(CONFDIR)
447
451
        install --directory --mode=u=rwx $(KEYDIR) \
448
452
                $(LIBDIR)/mandos/plugins.d \
449
453
                $(LIBDIR)/mandos/plugin-helpers
450
 
        if [ "$(SYSUSERS)" != "$(DESTDIR)" \
451
 
                        -a -d "$(SYSUSERS)" ]; then \
452
 
                install --mode=u=rw,go=r sysusers.d-mandos.conf \
 
454
        if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
 
455
                install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
453
456
                        $(SYSUSERS)/mandos-client.conf; \
454
457
        fi
455
458
        if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
456
 
                install --mode=u=rwx \
457
 
                        --directory "$(CONFDIR)/plugins.d" \
 
459
                install --directory \
 
460
                        --mode=u=rwx "$(CONFDIR)/plugins.d" \
458
461
                        "$(CONFDIR)/plugin-helpers"; \
459
462
        fi
460
 
        install --mode=u=rwx,go=rx --directory \
 
463
        install --directory --mode=u=rwx,go=rx \
461
464
                "$(CONFDIR)/network-hooks.d"
462
465
        install --mode=u=rwx,go=rx \
463
466
                --target-directory=$(LIBDIR)/mandos plugin-runner
464
467
        install --mode=u=rwx,go=rx \
465
468
                --target-directory=$(LIBDIR)/mandos \
466
469
                mandos-to-cryptroot-unlock
 
470
        install --directory $(PREFIX)/sbin
467
471
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
468
472
                mandos-keygen
469
473
        install --mode=u=rwx,go=rx \
487
491
        install --mode=u=rwx,go=rx \
488
492
                --target-directory=$(LIBDIR)/mandos/plugin-helpers \
489
493
                plugin-helpers/mandos-client-iprouteadddel
490
 
        install initramfs-tools-hook \
 
494
        install -D initramfs-tools-hook \
491
495
                $(INITRAMFSTOOLS)/hooks/mandos
492
 
        install --mode=u=rw,go=r initramfs-tools-conf \
 
496
        install -D --mode=u=rw,go=r initramfs-tools-conf \
493
497
                $(INITRAMFSTOOLS)/conf.d/mandos-conf
494
 
        install --mode=u=rw,go=r initramfs-tools-conf-hook \
 
498
        install -D --mode=u=rw,go=r initramfs-tools-conf-hook \
495
499
                $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
496
 
        install initramfs-tools-script \
 
500
        install -D initramfs-tools-script \
497
501
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos
498
 
        install initramfs-tools-script-stop \
 
502
        install -D initramfs-tools-script-stop \
499
503
                $(INITRAMFSTOOLS)/scripts/local-premount/mandos
500
 
        install --directory $(DRACUTMODULE)
501
 
        install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
 
504
        install -D --mode=u=rw,go=r \
 
505
                --target-directory=$(DRACUTMODULE) \
502
506
                dracut-module/ask-password-mandos.path \
503
507
                dracut-module/ask-password-mandos.service
504
508
        install --mode=u=rwxs,go=rx \
507
511
                dracut-module/cmdline-mandos.sh \
508
512
                dracut-module/password-agent
509
513
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
 
514
        install --directory $(MANDIR)/man8
510
515
        gzip --best --to-stdout mandos-keygen.8 \
511
516
                > $(MANDIR)/man8/mandos-keygen.8.gz
512
517
        gzip --best --to-stdout plugin-runner.8mandos \
609
614
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
610
615
                $(DESTDIR)/etc/default/mandos \
611
616
                $(DESTDIR)/etc/init.d/mandos \
612
 
                $(SYSTEMD)/mandos.service \
613
617
                $(DESTDIR)/run/mandos.pid \
614
618
                $(DESTDIR)/var/run/mandos.pid
 
619
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
 
620
                -rm --force -- $(SYSTEMD)/mandos.service; \
 
621
        fi
615
622
        -rmdir $(CONFDIR)
616
623
 
617
624
.PHONY: purge-client